Submitted via IRC for boru.
https://www.infoq.com/news/2020/07/nRF52-debug-resurrect/:
A recent hardware attack on the Nordic nRF52 chip uses local access to gain chip-level debugging capabilities that persist in silicon, unpatchable in software. Nordic has confirmed the issue and encouraged device manufacturers to detect openings of the enclosure, as the chip is not hardened against fault injection.
This chip is used in so many bluetooth products. Might be fun to go wardriving and find some and see if any have accessible SWD pins.
(Score: 4, Funny) by VLM on Friday July 17 2020, @05:26PM (3 children)
I would imagine its more fun to pown someone's BT keyboard to obtain all their passwords and login information, than to pown their remotely controlled vibrator or doorbell. Although it would be funny to cross connect the two if you pown them both. "I don't know why my wife leaps off the couch every time a door to door salesman comes by, but its interesting to observe"
(Score: 2) by DannyB on Friday July 17 2020, @06:09PM (2 children)
Many of these bluetooth doorbells also capture video. Suppose porch pirates could jam the video or replace it with goatse videos or Trump speech videos.
It might not be necessary to PWN a bluetooth device. I don't know the feasibility of this, but suppose it were possible to passively capture encrypted bluetooth traffic. Now you don't have to "hack" their keyboard, just be able to determine the encryption parameters (if any). You could capture doorbell videos.
Imagine if you could inject the audio of your choosing (but not Justin Bieber) into people's music headphones or telephone headsets. Or simply record their conversations.
The other thing this chip is used in is NFC. Potential implications for payments or payment systems or terminals?
I don't want to sound like the end is coming, but the election is only a hundred some odd days away.
The lower I set my standards the more accomplishments I have.
(Score: 1) by redneckmother on Saturday July 18 2020, @02:15AM
Pass the brainbleach, please.
Mas cerveza por favor.
(Score: 2) by VLM on Saturday July 18 2020, @06:07PM
Yeah physical security door locks too. Interesting.